Label data line as first or last

razmizafiruddin · September 21, 2022, 1:21am

Hi, i am new to kibana, i have some data loaded into index pattern as below. new data will be uploaded every 30 min. i am having problem to label/determine the first and last data for each serial number. i think it is achieveable using scripted field but i am unable to find the correct script for this situation.

this is sample of the data loaded. i want to add two column/label for each line whether it is "is First" or "is Last" test.
Kibana1

this is for when new data is loaded, the "is Last" label changed depends on the date.
Kibana2

Thank you

warkolm · September 21, 2022, 1:24am

Welcome to our community!

So are the first and last states based only on the timings in the batch of data when it is loaded in? The batches are not related in anyway?

razmizafiruddin · September 21, 2022, 1:38am

Hi warkolm, thank you for prompt respond. i am looking to based on those two parameter only. the Serial and the LastTestDate column. but if there is new data for that particular Serial, then the "is Last" data will change accordingly

warkolm · September 21, 2022, 1:40am

That changes your approach a fair bit, as you need to read the data in Elasticsearch and then update it accordingly. You might want to look at using Logstash or an ingest pipeline to handle this.

razmizafiruddin · September 21, 2022, 2:12am

meaning i cant use Scripted field for this issue?

warkolm · September 21, 2022, 2:26am

I am not sure it could handle that level of complexity.

razmizafiruddin · September 21, 2022, 2:35am

Thanks man. lets wait if got other opinion on this.

system · October 19, 2022, 2:35am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.